LDAP authentication failed

snowman5840 snowman5840 at t-online.de
Mon Oct 18 19:38:35 CEST 2010


Hi

I have some problems with LDAP authentication. If I log in on my Windows XP
SP3 client, I want to check the login credentials against my LDAP service.
But the XP client uses double slashes in the username!! I think this will be
the problem!? If I test with radtest it works. What can I do to log in
successfully?


Debug log:
rad_recv: Access-Request packet from host 192.168.0.2 port 1812, id=62,
length=240
	NAS-IP-Address = 192.168.0.2
	NAS-Port = 50009
	NAS-Port-Type = Ethernet
	User-Name = "FIRMA1\\usera"
	Called-Station-Id = "00-15-F9-D8-7C-C9"
	Calling-Station-Id = "00-1A-4B-63-69-0B"
	Service-Type = Framed-User
	Framed-MTU = 1500
	State = 0xc5fe953bc3f98c0b9575e677705364e2
	EAP-Message =
0x0207006119001703010056b327be51594f6985d1854f17199fefe7151d57481c244787051f7067a50a0056a15e0a831a3aa3661a61aeed66e3c7dc85cd3315301bfd825c786fd60e0110f5124e76e2d543c9a6fd99371be7f1a9637b8ce527669f
	Message-Authenticator = 0xad6e1b5107c7af4b9a5ba3e648d65859
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "FIRMA1\usera", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 7 length 74
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
[ldap] performing user authorization for FIRMA1\usera
[ldap] WARNING: Deprecated conditional expansion ":-".  See "man unlang" for
details
[ldap] 	... expanding second conditional
[ldap] 	expand: %{User-Name} -> FIRMA1\5cusera
[ldap] 	expand: (uid=%{Stripped-User-Name:-%{User-Name}}) ->
(uid=FIRMA1\5cusera)
[ldap] 	expand: dc=firma1,dc=de -> dc=firma1,dc=de
  [ldap] ldap_get_conn: Checking Id: 0
  [ldap] ldap_get_conn: Got Id: 0
  [ldap] performing search in dc=firma1,dc=de, with filter
(uid=FIRMA1\5cusera)
  [ldap] object not found
[ldap] search failed
  [ldap] ldap_release_conn: Release Id: 0
++[ldap] returns notfound


Configuration part of LDAP module:

ldap {
	server = "192.168.0.5"
	identity = "cn=admin,dc=firma1,dc=de"
	password = "xxxx"
	basedn = "dc=firma1,dc=de"
	filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
             ......
}
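Added example, not part of the original post and not FreeRADIUS code: it reproduces the filter expansion seen in the debug log, where the backslash in "FIRMA1\usera" is escaped to \5c (RFC 4515), and shows the filter that results once the domain prefix is split off. The function names are hypothetical; the input value is taken from the log above.

```python
# RFC 4515 section 3: these characters are written as \XX inside a filter value.
_FILTER_SPECIALS = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an assertion value in an LDAP search filter."""
    return "".join(_FILTER_SPECIALS.get(ch, ch) for ch in value)


def split_user_name(user_name: str):
    """Return (realm, stripped_user) for 'DOMAIN\\user' or 'user@realm' forms.

    realm is None when no usable delimiter is present, so the caller falls
    back to the full User-Name, as the filter in the post does.
    """
    if "\\" in user_name:                      # NT-domain prefix form
        realm, _, user = user_name.partition("\\")
        if realm and user:
            return realm, user
    elif "@" in user_name:                     # suffix form
        user, _, realm = user_name.rpartition("@")
        if realm and user:
            return realm, user
    return None, user_name


def build_uid_filter(user_name: str, strip_realm: bool) -> str:
    """Build (uid=...) from the full or the stripped name, always escaped."""
    _, stripped = split_user_name(user_name)
    value = stripped if strip_realm else user_name
    return "(uid=%s)" % escape_filter_value(value)


if __name__ == "__main__":
    name = "FIRMA1\\usera"  # one literal backslash, as sent by the XP client
    print(build_uid_filter(name, strip_realm=False))  # filter seen in the log
    print(build_uid_filter(name, strip_realm=True))   # filter after stripping
    # Constructed input: filter metacharacters stay inert after escaping.
    print(build_uid_filter("usera*)(uid=*", strip_realm=False))
```

The log shows only the `suffix` realm instance running, which looks for '@', so Stripped-User-Name is never set and the full, escaped User-Name ends up in the filter.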